In today's complex cyber threat landscape it can be difficult and costly to investigate and respond to security incidents.
IT departments are often too focused on getting systems back online to spend time looking into the cause of the problem. With its new InSight platform AccessData wants to help enterprises better manage their data risks.
Publishing its Application Vulnerability Trends Report, Cenzic states that virtually all of the applications it tested had at least one security vulnerability. A staggering 96 percent of apps exhibited security issues, and it looks as though things are on a downward spiral.
In a similar report published last year, it was found that the median number of flaws was 13; this year it has increased to 14. So it appears as though things are getting worse... but is this the full story?
The cloud is increasingly popular with businesses because of its flexibility and low infrastructure costs, however, it does present risks when compared to running systems in house.
A new product from California-based Skyhigh Networks is aimed at quantifying the risks associated with public cloud services and takes the guesswork out of understanding and managing them.
Panda Security has released Panda Cloud Antivirus Beta 2.9, a major revision of its popular cloud-based antivirus tool for Windows PCs.
The beta -- which will become version 3.0 on its final release -- includes a redesigned user interface based along Windows 8 lines as well as a new Wi-Fi Monitor module, and comes with the promise of improved protection and performance.
Installing a good antivirus package will protect you from most threats, but there are no guarantees. It’s always wise to have one or two "second opinion" tools around, just to help out if you think your system has been infected.
CrowdInspect is a portable tool which uses VirusTotal, Web of Trust and Team Cymru’s Malware Hash Registry to reveal (but not remove) malware which is currently active on your network.
As businesses move their data to the cloud they can often be caught out by the need to comply with audit and usage reporting requirements.
Cloud security specialist Elastica has a solution to this with its new CloudSOC product which helps companies and employees use the cloud whilst remaining secure and compliant.
One of the main advantages to using a router is knowing that your personal information is kept away from the privy eyes of the Internet, unless you choose to make the data publicly available. A number of ASUS routers, however, are making files stored behind them visible to everyone, which basically renders them useless if security is of concern (which it usually is).
The behavior is present when the AiCloud feature is enabled. It allows users to remotely access files on the network, through a mobile app, including content stored on USB-connected hard drives. The last bit is what is available for the whole Internet to see. Why? Two vulnerabilities, which allow anonymous access to the built-in FTP server and the storing of user names and passwords in plain text, have not been fixed in due time by ASUS, after a security researcher reported their existence to the company in June of last year. Yeah, many months have passed since.
Google is delving into its wallet once again, fishing out a little cash and going on a spending spree. This time around, it is Israeli startup SlickLogin that is being put in the shopping cart. You may not have heard of the company, and that’s because its services haven't even launched yet, but it is looking to revolutionize two-factor authentication. Additional layers of security are being added by every website worth its salt, and SlickLogin has an interesting alternative to the traditional password.
Like many other two-factor security systems, this makes use of smartphones -- but in a somewhat different way. Rather than generating a unique code that is emailed out and needs to be typed into a website, SlickLogin is audio-based. A unique sound is generated and played through a computer's speakers. So far, so weird. To make things more interesting, and probably more secure, the sound is inaudible thanks to being ultra-sonic, and an app on a smartphone placed near the speaker picks up the sound and completes the authentication process.
It seems to be hacking season at the moment, with new high profile victims hitting the headlines just about every day. The latest target is Kickstarter. The website, which exists to help projects raise the funds they need to get off the ground, was hacked on Wednesday, but details of the attack -- along with an apology -- have only just been made public. If you're wondering why is has taken so many days for Kickstarter to speak out, the company has pre-empted your question and supplied a FAQ: "We immediately closed the breach and notified everyone as soon we had thoroughly investigated the situation".
In a statement on the Kickstarter website CEO Yancey Strickler explained that the company had been contacted by law enforcement officials and alerted to the activity of hackers. It's not clear what users are likely to find more alarming, the fact that the site was hacked in the first place, or the fact that it was not Kickstarter that noticed, but a third party.
It is usually Bill Gates who is heralded for his philanthropy, but according to the Chronicle of Philanthropy, it is Facebook's Mark Zuckerberg who is currently the most generous. In another change from the norm, malware threats to OS X, Linux and Android have increased, showing it is not just Windows that is prone to attack. As if to prove this, Mac malware has been discovered that has been designed to steal Bitcoins from victims. Factor in all of Apple's devices and the company managed to sell more units than Windows PCs are sold, although this revelation caused quite some debate.
Twitter found itself in the headlines after the James Dean estate tried to gain control of a fan's James Dean-related account. Twitter has already spoken out about the shackles binding companies from being open about government data requests -- companies are practically falling over themselves to add their names to the list -- and Dropbox is in agreement. The European Commission has expressed a desire to wrestle some control of the internet from US hands voicing fears that too much influence was being exerted,
The digital currency known as Bitcoin has been making a lot of news lately. It’s been banned in Russia, for one thing, but has also been introduced to the Bing search engine. That up and down news continues, this time heading in the southerly direction.
The good news here is that, for once, Windows users are safe -- or safe from this particular threat at least. Researchers at SecureMac, a company devoted to Apple security since 1999, have discovered a new form of malware that goes after Mac computers with an aim of pilfering Bitcoins from unwitting users.
The US is used to being a dominating force in the world -- this is true in sport, politics, economics, and many other areas -- but the European Commission thinks there should be less US influence over the internet. There are concerns about the level of control the United States has over the technologies and protocols that underpin the internet. One area for concern is ICANN which operates on behalf of the US government yet exerts control over procedures that have global effects.
There is also concern that Europe does not currently have enough sway over the internet. Neelie Kroes, commissioner in charge of telecommunications policy, said: "Europe must contribute to a credible way forward for global internet governance. Europe must play a strong role in defining what the net of the future looks like."
Threats to Mac OS X, Linux and Android systems have increased over the past year as the malware landscape has evolved.
This is among the findings of Russian antivirus company Doctor Web which has released its annual overview of threats. Other trends include an increase in the number of programs designed to display annoying ads and a surge in the number of Bitcoin and Litecoin mining trojans.
The number of CryptoLocker infections is rising, causing problems for administrators and potentially raising millions of dollars for the malware authors behind it.
Security awareness training firm KnowBe4 says it's seeing a rise in the number of complaints about CryptoLocker as users are tricked into opening attachments and infecting their workstations.
Deciding which browser extensions are trustworthy has always been an uncertain business. If an add-on is highly rated, with plenty of users, then it should be safe… But as the recent issues over Chrome extensions showed, with popular add-ons being purchased and tweaked to push adverts, there are no guarantees.
Extension Defender is a new service which helps by cataloging malicious Chrome and Firefox extensions. This can be searched manually, but it's probably simpler to install the Chrome or Firefox extension, which can check and protect your system automatically.